This Article 
 Bibliographic References 
 Add to: 
Managing Vulnerabilities in Networked Systems
November 2001 (vol. 34 no. 11)
pp. 32-38

Most organizations recognize the importance of cyber security and are implementing various forms of protection. However, many are failing to find and fix known security problems in the software packages they use as the building blocks of their networks and systems, a vulnerability that a hacker can exploit to by-pass all other efforts to secure the enterprise.

The Common Vulnerabilities and Exposures initiative seeks to avoid such disasters and transform this area from a liability to a key asset in the fight to build and maintain secure systems. Coordinating international, community-based efforts from industry, government, and academia, CVE strives to find and fix software product vulnerabilities more rapidly, predictably, and efficiently.

The initiative seeks the adoption of a common naming practice for describing software vulnerabilities. Once adopted, these names will be included within security tools and services and on the fix sites of commercial and open source software package providers.

As vendors respond to more user requests for CVE-compatible fix sites, securing the enterprise will gradually include the complete cycle of finding, analyzing, and fixing vulnerabilities.

Robert A. Martin, "Managing Vulnerabilities in Networked Systems," Computer, vol. 34, no. 11, pp. 32-38, Nov. 2001, doi:10.1109/2.963441
Usage of this product signifies your acceptance of the Terms of Use.